Is the recent switch of github two-factor authentification impacted the way opam publish
operates ?
I’ve recently switched to 2FA for GH and when trying to publish a package with opam publish
, i get
$ opam publish
The following will be published:
- rfsm version 2.0 with opam file at /Users/jserot/Dev/ml/rfsm/rfsm.opam
archive at https://github.com/jserot/rfsm/archive/refs/tags/2.0.tar.gz
You will be shown the patch before submitting.
Please confirm the above data. Continue ? [Y/n] Y
Cloning the package repository, this may take a while...
+ /usr/local/bin/git "clone" "git@github.com:ocaml/opam-repository.git" "/Users/jserot/.opam/plugins/opam-publish/repos/ocaml%opam-repository"
- Cloning into '/Users/jserot/.opam/plugins/opam-publish/repos/ocaml%opam-repository'...
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
- Someone could be eavesdropping on you right now (man-in-the-middle attack)!
- It is also possible that a host key has just been changed.
- The fingerprint for the RSA key sent by the remote host is
- SHA256:uNiVztksCsDhcc0u9e8B.................................
- Please contact your system administrator.
- Add correct host key in /Users/jserot/.ssh/known_hosts to get rid of this message.
- Offending RSA key in /Users/jserot/.ssh/known_hosts:30
- Host key for github.com has changed and you have requested strict checking.
- Host key verification failed.
- fatal: Could not read from remote repository.
-
- Please make sure you have the correct access rights
- and the repository exists.
[ERROR] Uncaught exception: "/usr/local/bin/git clone git@github.com:ocaml/opam-repository.git
/Users/jserot/.opam/plugins/opam-publish/repos/ocaml%opam-repository" exited with code 128
Do i have to update the abovementioned known_hosts
file ? I thought 2FA had rended this auth method obsolete (but must admit i’m a bit confused by all these changes in authorisation protocols )